VYPR

Omniswitch

by Alcatel Lucent

CVEs (5)

  • CVE-2015-2805Jun 16, 2015
    risk 0.03cvss epss 0.03

    Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02,…

  • CVE-2015-2804Jun 16, 2015
    risk 0.00cvss epss 0.02

    The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force…

  • CVE-2004-2377Dec 31, 2004
    risk 0.00cvss epss 0.02

    Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled.

  • CVE-2002-1272Dec 11, 2002
    risk 0.00cvss epss 0.05

    Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.

  • CVE-1999-1559Mar 31, 1999
    risk 0.00cvss epss 0.02

    Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.